Overview

overview

8

Static

static

6

HappyMod-3-1-5.apk

android-10-x64

8

Resubmissions

01-02-2025 01:48

250201-b8brfasrfj 8

31-01-2025 22:56

250131-2w1sxayqey 10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    HappyMod-3-1-5.apk

  • Size

    17.4MB

  • Sample

    250201-b8brfasrfj

  • MD5

    0ef4f4f011c3e16e18b18584d2f40393

  • SHA1

    d4a1292884579509009f85fbe480e819f4e103a9

  • SHA256

    a7e864470fc10ae55241364ce076007552af9673177e15caf4c20062bfc7339a

  • SHA512

    a85a12907e4a3b5bae1d80771817798c123688c2b4fc1945efdb65ff9d1ad4168186add6c55ae4ade9a969c9e0f67cab2672031aafbaca76386e74357211636b

  • SSDEEP

    393216:zp0TcbMT8whcEb7NqnKdzbspDNx4GhY6qqoe2w+FCropPvAUqfE:zacQTvcEUnKRwMGm6qqf0CkpQUqfE

Score
8/10
androidcollectioncredential_accessdefense_evasiondiscoveryevasionexecutionimpactpersistence

Malware Config

Targets

    • Target

      HappyMod-3-1-5.apk

    • Size

      17.4MB

    • MD5

      0ef4f4f011c3e16e18b18584d2f40393

    • SHA1

      d4a1292884579509009f85fbe480e819f4e103a9

    • SHA256

      a7e864470fc10ae55241364ce076007552af9673177e15caf4c20062bfc7339a

    • SHA512

      a85a12907e4a3b5bae1d80771817798c123688c2b4fc1945efdb65ff9d1ad4168186add6c55ae4ade9a969c9e0f67cab2672031aafbaca76386e74357211636b

    • SSDEEP

      393216:zp0TcbMT8whcEb7NqnKdzbspDNx4GhY6qqoe2w+FCropPvAUqfE:zacQTvcEUnKRwMGm6qqf0CkpQUqfE

    Score
    8/10
    collectioncredential_accessdefense_evasiondiscoveryevasionexecutionimpactpersistence

    • Checks if the Android device is rooted.

      defense_evasion

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

      evasion

    • Obtains sensitive information copied to the device clipboard

      Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

      collectioncredential_accessimpact

    • Queries information about running processes on the device

      Application may abuse the framework's APIs to collect information about running processes on the device.

      discovery

    • Makes use of the framework's foreground persistence service

      Application may abuse the framework's foreground service to continue running in the foreground.

      defense_evasionpersistence

    • Queries information about active data network

      discovery

    • Queries the mobile country code (MCC)

      discovery

    • Reads information about phone network operator.

      discovery

    • Checks the presence of a debugger

      defense_evasion
    behavioral1

MITRE ATT&CK Mobile v15

Tasks